1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved PC Mightymax [How to remove?]

Discussion in 'Malware and Virus Removal Archive' started by BillB, 2008/03/04.

Page 1 of 3
  1. 2008/03/04
    BillB Lifetime Subscription

    BillB Well-Known Member Thread Starter

    Joined:
    2003/03/18
    Messages:
    750
    Likes Received:
    0
    [Resolved] PC Mightymax [How to remove?]

    Does anyone here have any experience with removing something called PC Mightymax? From what I've read so far on the web, it's a rogue spyware detection program that attempts to trick you into buying the product but apparently doesn't do what it claims. It also appears to be very hard to get rid of once installed. I've found some posts on the web about manual removal, but wanted to check with the gurus here before attempting any of them. Add/Remove programs doesn't work, the uninstall option from the program list also doesn't work. Any help would be appreciated.
     
    BillB,
    #1
  2. 2008/03/04
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi Bill,

    Since you didn't give any specifics about the removal instructions you found, I can't offer an opinion about any of them. Did you try uninstalling it via the Uninstall entry in Start>All Programs>PC MightyMax? How about via Add/Remove Programs, click Change, then Remove?
     
    noahdfear,
    #2


  3. to hide this advert.

  4. 2008/03/04
    BillB Lifetime Subscription

    BillB Well-Known Member Thread Starter

    Joined:
    2003/03/18
    Messages:
    750
    Likes Received:
    0
    Hi Dave,

    Yea, I did try to remove it via Add/Remove programs, it says only registered products can be removed. It also has an entry in the programs list for uninstall, but apparently the uninstall program itself is missing. Here are the manual instructions that I found;

    Kill processes:
    PCMightyMaxSetup.EXE, pcmm.exe, pcmm2007.exe

    Delete registry values:
    O4 - HKLM\..\Run: [PCMM2007RT] "C:\Program Files\PC MightyMax 2007\pcmm2007.exe" /R
    O4 - HKLM\..\Run: [PCMMRealtime] C:\Program Files\PC MightyMax\pcmm.exe /R
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A6D6D9D4-AE36-4F9E-9B94-D8311BD76E2F}: NameServer = 212.59.2.2 212.59.1.1

    Delete files:
    PCMightyMaxSetup.EXE, pcmm.exe, pcmm2007.exe
     
    BillB,
    #3
  5. 2008/03/04
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Well, there's much more to remove than just that little bit. It creates a number of registry entries, as well as files. Believe it or not, my first recommendation would be to download the installer from the PC MightyMax website and run it. If it doesn't present you with an option to remove at that time, continue with the installation process. Make sure that it gets installed to the same directory (should be C:\Program Files\PC MightyMax). Once completed, try the uninstall entry in the All Programs list again.
     
    noahdfear,
    #4
  6. 2008/03/05
    BillB Lifetime Subscription

    BillB Well-Known Member Thread Starter

    Joined:
    2003/03/18
    Messages:
    750
    Likes Received:
    0
    Dave,

    I had to return the laptop this morning, so I tried the cleanup I mentioned earlier and it seems to have worked. I couldn't find any of the processes running, the icon was gone from the system tray and the machine seemed to be running a lot better. If I can get it back I may try your suggestion just to make sure it's gone.

    Thanks for the help.

    Bill
     
    BillB,
    #5
  7. 2008/03/05
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi Bill,

    Trust me, it's not gone. De-activated, yes. But not gone. Here's a sampling of what was added/modified when PC Mightymax was installed on my system (stripped considerably).

    Code:
    ----------------------------------
Keys added:257
----------------------------------
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\713B41478A517224DA270783641C4644
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07A7D4FBD98D1D111AD7000A9CA05BF0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1B1D70235E082D119BD50006794CED42
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F16F47424372D111A99000A9CA05BF0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\269AF799760E1D113969000A9CF0729F
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3178400169C22D11A9790006794C4E25
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F5941A8A5E632D111BA5000CF499B0B2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Components\07A7D4FBD98D1D111AD7000A9CA05BF0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Components\1B1D70235E082D119BD50006794CED42
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Components\1F16F47424372D111A99000A9CA05BF0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Components\269AF799760E1D113969000A9CF0729F
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Components\3178400169C22D11A9790006794C4E25
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Components\39E995A0F1765864FB0C1C112F48D560
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Components\7F15A8F076118D6458D090BFA84EF870
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Components\8E7DDEF1FFCE0D648A89A882292AC414
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Components\AF20EA1A456C89149B85D42D2DD030C4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Components\D2563F82FD526F943A044113FE20A50F
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Components\E3C14F6BC61E8CB4FABA2356EEB13F23
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Components\F5941A8A5E632D111BA5000CF499B0B2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Products\F0FA5D49EE6E57A4EB13C9C9A978DA54
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Products\F0FA5D49EE6E57A4EB13C9C9A978DA54\Features
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Products\F0FA5D49EE6E57A4EB13C9C9A978DA54\InstallProperties
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Products\F0FA5D49EE6E57A4EB13C9C9A978DA54\Patches
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-842925246-1580436667-2146771411-1004\Products\F0FA5D49EE6E57A4EB13C9C9A978DA54\Usage
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{94D5AF0F-E6EE-4A75-BE31-9C9C9A87AD45}
HKEY_LOCAL_MACHINE\SOFTWARE\PC MightyMax
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MSISERVER\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MSISERVER\0000\Control
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\F0FA5D49EE6E57A4EB13C9C9A978DA54
HKEY_CURRENT_USER\Software\Microsoft\Installer\UpgradeCodes
HKEY_CURRENT_USER\Software\Microsoft\Installer\UpgradeCodes\713B41478A517224DA270783641C4644
HKEY_CURRENT_USER\Software\Classes\CLSID\{0000002F-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\CLSID\{00020420-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\CLSID\{00020421-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\CLSID\{00020422-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\CLSID\{00020423-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\CLSID\{00020424-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\CLSID\{00020425-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\CLSID\{0002E005-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}
HKEY_CURRENT_USER\Software\Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}
HKEY_CURRENT_USER\Software\Classes\CLSID\{275DBBA0-805A-11CF-91F7-C2863C385E30}
HKEY_CURRENT_USER\Software\Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}
HKEY_CURRENT_USER\Software\Classes\CLSID\{6262D3A0-531B-11CF-91F6-C2863C385E30}
HKEY_CURRENT_USER\Software\Classes\CLSID\{6319EEA0-531B-11CF-91F6-C2863C385E30}
HKEY_CURRENT_USER\Software\Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}
HKEY_CURRENT_USER\Software\Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}
HKEY_CURRENT_USER\Software\Classes\Interface\{2334D2B1-713E-11CF-8AE5-00AA00C00905}
HKEY_CURRENT_USER\Software\Classes\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}
HKEY_CURRENT_USER\Software\Classes\Interface\{5F4DF280-531B-11CF-91F6-C2863C385E30}
HKEY_CURRENT_USER\Software\Classes\Interface\{609602E0-531B-11CF-91F6-C2863C385E30}
HKEY_CURRENT_USER\Software\Classes\Interface\{9F6AA700-D188-11CD-AD48-00AA003C9CB6}
HKEY_CURRENT_USER\Software\Classes\MSFlexGridLib.MSFlexGrid
HKEY_CURRENT_USER\Software\Classes\MSFlexGridLib.MSFlexGrid.1
HKEY_CURRENT_USER\Software\Classes\OldFont
HKEY_CURRENT_USER\Software\Classes\OldFont\CLSID
HKEY_CURRENT_USER\Software\Classes\StdFont
HKEY_CURRENT_USER\Software\Classes\StdFont\CLSID
HKEY_CURRENT_USER\Software\Classes\StdPicture
HKEY_CURRENT_USER\Software\Classes\StdPicture\CLSID
HKEY_CURRENT_USER\Software\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\TypeLib\{000204EF-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\TypeLib\{5E9E78A0-531B-11CF-91F6-C2863C385E30}
HKEY_CURRENT_USER\Software\Classes\TypeLib\{EA544A21-C82D-11D1-A3E4-00A0C90AEA82}
HKEY_CURRENT_USER\Software\PC MightyMax
HKEY_CURRENT_USER_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}
HKEY_CURRENT_USER_Classes\CLSID\{00020420-0000-0000-C000-000000000046}
HKEY_CURRENT_USER_Classes\CLSID\{00020421-0000-0000-C000-000000000046}
HKEY_CURRENT_USER_Classes\CLSID\{00020422-0000-0000-C000-000000000046}
HKEY_CURRENT_USER_Classes\CLSID\{00020423-0000-0000-C000-000000000046}
HKEY_CURRENT_USER_Classes\CLSID\{00020424-0000-0000-C000-000000000046}
HKEY_CURRENT_USER_Classes\CLSID\{00020425-0000-0000-C000-000000000046}
HKEY_CURRENT_USER_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}
HKEY_CURRENT_USER_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}
HKEY_CURRENT_USER_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}
HKEY_CURRENT_USER_Classes\CLSID\{275DBBA0-805A-11CF-91F7-C2863C385E30}
HKEY_CURRENT_USER_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}
HKEY_CURRENT_USER_Classes\CLSID\{6262D3A0-531B-11CF-91F6-C2863C385E30}
HKEY_CURRENT_USER_Classes\CLSID\{6319EEA0-531B-11CF-91F6-C2863C385E30}
HKEY_CURRENT_USER_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}
HKEY_CURRENT_USER_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}
HKEY_CURRENT_USER_Classes\Interface\{2334D2B1-713E-11CF-8AE5-00AA00C00905}
HKEY_CURRENT_USER_Classes\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}
HKEY_CURRENT_USER_Classes\Interface\{5F4DF280-531B-11CF-91F6-C2863C385E30}
HKEY_CURRENT_USER_Classes\Interface\{609602E0-531B-11CF-91F6-C2863C385E30}
HKEY_CURRENT_USER_Classes\Interface\{9F6AA700-D188-11CD-AD48-00AA003C9CB6}
HKEY_CURRENT_USER_Classes\MSFlexGridLib.MSFlexGrid
HKEY_CURRENT_USER_Classes\MSFlexGridLib.MSFlexGrid.1
HKEY_CURRENT_USER_Classes\TypeLib\{00020430-0000-0000-C000-000000000046}
HKEY_CURRENT_USER_Classes\TypeLib\{000204EF-0000-0000-C000-000000000046}
HKEY_CURRENT_USER_Classes\TypeLib\{5E9E78A0-531B-11CF-91F6-C2863C385E30}
HKEY_CURRENT_USER_Classes\TypeLib\{EA544A21-C82D-11D1-A3E4-00A0C90AEA82}

*removed subkeys appended to added keys above

----------------------------------
Values added:308
----------------------------------

*removed values appended to added keys above


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PCMMRealtime:  "C:\Program Files\PC MightyMax\pcmm.exe /R "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\: " "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\WINDOWS\system32\comcat.dll: 0x00000003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\WINDOWS\system32\msflxgrd.ocx: 0x00000002
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\WINDOWS\system32\msvbvm60.dll: 0x00000003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\WINDOWS\system32\olepro32.dll: 0x00000003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\WINDOWS\system32\stdole2.tlb: 0x00000003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\WINDOWS\system32\oleaut32.dll: 0x00000003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\WINDOWS\system32\asycfilt.dll: 0x00000002

----------------------------------
Values modified:24
----------------------------------
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\C:\WINDOWS\system32\advapi32.dll[MofResourceName]:  "LowDateTime:172965888,HighDateTime:29653497***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\C:\WINDOWS\system32\advapi32.dll[MofResourceName]:  "LowDateTime:-1467295744,HighDateTime:29653488***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\C:\WINDOWS\system32\DRIVERS\ACPI.sys[ACPIMOFResource]:  "LowDateTime:172965888,HighDateTime:29653497***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\C:\WINDOWS\system32\DRIVERS\ACPI.sys[ACPIMOFResource]:  "LowDateTime:-1467295744,HighDateTime:29653488***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\C:\WINDOWS\system32\DRIVERS\mssmbios.sys[MofResource]:  "LowDateTime:172965888,HighDateTime:29653497***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\C:\WINDOWS\system32\DRIVERS\mssmbios.sys[MofResource]:  "LowDateTime:-1467295744,HighDateTime:29653488***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\C:\WINDOWS\system32\DRIVERS\ipnat.sys[IPNATMofResource]:  "LowDateTime:172965888,HighDateTime:29653497***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\C:\WINDOWS\system32\DRIVERS\ipnat.sys[IPNATMofResource]:  "LowDateTime:-1467295744,HighDateTime:29653488***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\C:\WINDOWS\System32\Drivers\HTTP.sys[UlMofResource]:  "LowDateTime:172965888,HighDateTime:29653497***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\C:\WINDOWS\System32\Drivers\HTTP.sys[UlMofResource]:  "LowDateTime:-1467295744,HighDateTime:29653488***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\DREDGE\C:\WINDOWS\system32\advapi32.dll[MofResourceName]:  "LowDateTime:172965888,HighDateTime:29653497***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\DREDGE\C:\WINDOWS\system32\advapi32.dll[MofResourceName]:  "LowDateTime:-1467295744,HighDateTime:29653488***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\DREDGE\C:\WINDOWS\system32\DRIVERS\ACPI.sys[ACPIMOFResource]:  "LowDateTime:172965888,HighDateTime:29653497***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\DREDGE\C:\WINDOWS\system32\DRIVERS\ACPI.sys[ACPIMOFResource]:  "LowDateTime:-1467295744,HighDateTime:29653488***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\DREDGE\C:\WINDOWS\system32\DRIVERS\mssmbios.sys[MofResource]:  "LowDateTime:172965888,HighDateTime:29653497***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\DREDGE\C:\WINDOWS\system32\DRIVERS\mssmbios.sys[MofResource]:  "LowDateTime:-1467295744,HighDateTime:29653488***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\DREDGE\C:\WINDOWS\system32\DRIVERS\ipnat.sys[IPNATMofResource]:  "LowDateTime:172965888,HighDateTime:29653497***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\DREDGE\C:\WINDOWS\system32\DRIVERS\ipnat.sys[IPNATMofResource]:  "LowDateTime:-1467295744,HighDateTime:29653488***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\DREDGE\C:\WINDOWS\System32\Drivers\HTTP.sys[UlMofResource]:  "LowDateTime:172965888,HighDateTime:29653497***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\DREDGE\C:\WINDOWS\System32\Drivers\HTTP.sys[UlMofResource]:  "LowDateTime:-1467295744,HighDateTime:29653488***Binary mof compiled successfully "
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent\: 0x0000000B
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent\: 0x0000000C
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceCurrent\: 0x0000000B
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceCurrent\: 0x0000000C

----------------------------------
Files added:59
----------------------------------
C:\Documents and Settings\Dave\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5
C:\Documents and Settings\Dave\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30
C:\Documents and Settings\Dave\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5
C:\Documents and Settings\Dave\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30
C:\Documents and Settings\Dave\Application Data\Microsoft\Installer\{94D5AF0F-E6EE-4A75-BE31-9C9C9A87AD45}\ARPPRODUCTICON.exe
C:\Documents and Settings\Dave\Application Data\Microsoft\Installer\{94D5AF0F-E6EE-4A75-BE31-9C9C9A87AD45}\NewShortcut21_94D5AF0FE6EE4A75BE319C9C9A87AD45.exe
C:\Documents and Settings\Dave\Application Data\Microsoft\Installer\{94D5AF0F-E6EE-4A75-BE31-9C9C9A87AD45}\NewShortcut2_94D5AF0FE6EE4A75BE319C9C9A87AD45_1.exe
C:\Documents and Settings\Dave\Desktop\Run PC MightyMax!.lnk
C:\Documents and Settings\Dave\Local Settings\Temp\~DF1213.tmp
C:\Documents and Settings\Dave\Start Menu\Programs\PC MightyMax\Run PC MightyMax!.lnk
C:\Documents and Settings\Dave\Start Menu\Programs\PC MightyMax\Uninstall PC MightyMax v9.lnk
C:\Program Files\PC MightyMax\beep.exe
C:\Program Files\PC MightyMax\ExeAfter.exe
C:\Program Files\PC MightyMax\index.html
C:\Program Files\PC MightyMax\lic.conf
C:\Program Files\PC MightyMax\lic.dat
C:\Program Files\PC MightyMax\pcdocrx.conf
C:\Program Files\PC MightyMax\pcmm.exe
C:\Program Files\PC MightyMax\pcmm.exe.manifest
C:\Program Files\PC MightyMax\rsrc16.dll
C:\Program Files\PC MightyMax\rsrc32.dll
C:\Program Files\PC MightyMax\tmp_res_x_101.tmp
C:\Program Files\PC MightyMax\tmp_res_x_102.tmp
C:\Program Files\PC MightyMax\tmp_res_x_103.tmp
C:\Program Files\PC MightyMax\tmp_res_x_104.tmp
C:\Program Files\PC MightyMax\tmp_res_x_105.tmp
C:\Program Files\PC MightyMax\tmp_res_x_106.tmp
C:\Program Files\PC MightyMax\tmp_res_x_107.tmp
C:\Program Files\PC MightyMax\tmp_res_x_108.tmp
C:\Program Files\PC MightyMax\tmp_res_x_109.tmp
C:\Program Files\PC MightyMax\tmp_res_x_110.tmp
C:\Program Files\PC MightyMax\tmp_res_x_111.tmp
C:\Program Files\PC MightyMax\tmp_res_x_112.tmp
C:\Program Files\PC MightyMax\tmp_res_x_113.tmp
C:\Program Files\PC MightyMax\tmp_res_x_114.tmp
C:\Program Files\PC MightyMax\tmp_res_x_115.tmp
C:\Program Files\PC MightyMax\tmp_res_x_116.tmp
C:\Program Files\PC MightyMax\tmp_res_x_117.tmp
C:\Program Files\PC MightyMax\tmp_res_x_118.tmp
C:\Program Files\PC MightyMax\tmp_res_x_119.tmp
C:\Program Files\PC MightyMax\tmp_res_x_120.tmp
C:\Program Files\PC MightyMax\tmp_res_x_121.tmp
C:\Program Files\PC MightyMax\tmp_res_x_122.tmp
C:\Program Files\PC MightyMax\tmp_res_x_123.tmp
C:\Program Files\PC MightyMax\tmp_res_x_124.tmp
C:\Program Files\PC MightyMax\tmp_res_x_125.tmp
C:\WINDOWS\Installer\6137d.msi
C:\WINDOWS\Prefetch\EXEAFTER.EXE-2415047A.pf
C:\WINDOWS\Prefetch\PCMIGHTYMAXSETUP.EXE-170038C9.pf
C:\WINDOWS\Prefetch\PCMM.EXE-278F7027.pf
C:\WINDOWS\system32\msflxgrd.ocx
C:\WINDOWS\Downloaded Installations\{8D3F30D5-B70A-4E21-BF37-C148548EFE53}\PC MightyMax v9.msi

----------------------------------
Files [attributes?] modified:31
----------------------------------
C:\Documents and Settings\Dave\Cookies\index.dat
C:\Documents and Settings\Dave\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
C:\Documents and Settings\Dave\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
C:\Documents and Settings\Dave\Local Settings\History\History.IE5\index.dat
C:\Documents and Settings\Dave\Local Settings\History\History.IE5\MSHist012008030420080305\index.dat
C:\Documents and Settings\Dave\Local Settings\Temporary Internet Files\Content.IE5\index.dat
C:\Documents and Settings\Dave\NTUSER.DAT
C:\Documents and Settings\Dave\NTUSER.DAT.LOG
C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf
C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log
C:\WINDOWS\system32\config\software
C:\WINDOWS\system32\config\SOFTWARE.LOG
C:\WINDOWS\system32\config\SYSTEM.LOG
C:\WINDOWS\system32\perfc009.dat
C:\WINDOWS\system32\perfh009.dat
C:\WINDOWS\system32\PerfStringBackup.INI
C:\WINDOWS\system32\wbem\Logs\wbemess.log
C:\WINDOWS\system32\wbem\Logs\wmiprov.log
C:\WINDOWS\system32\wbem\Performance\WmiApRpl.h
C:\WINDOWS\system32\wbem\Performance\WmiApRpl.ini
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP
C:\WINDOWS\WindowsUpdate.log

----------------------------------
Folders added:30
----------------------------------
C:\Documents and Settings\Dave\Application Data\Microsoft\CryptnetUrlCache
C:\Documents and Settings\Dave\Application Data\Microsoft\CryptnetUrlCache\Content
C:\Documents and Settings\Dave\Application Data\Microsoft\CryptnetUrlCache\MetaData
C:\Documents and Settings\Dave\Application Data\Microsoft\Installer
C:\Documents and Settings\Dave\Application Data\Microsoft\Installer\{94D5AF0F-E6EE-4A75-BE31-9C9C9A87AD45}
C:\Documents and Settings\Dave\Start Menu\Programs\PC MightyMax
C:\Program Files\PC MightyMax
C:\Program Files\PC MightyMax\undo
C:\WINDOWS\Downloaded Installations
C:\WINDOWS\Downloaded Installations\{8D3F30D5-B70A-4E21-BF37-C148548EFE53}

----------------------------------
Total changes:710
----------------------------------
     
    noahdfear,
    #6
  8. 2008/03/06
    BillB Lifetime Subscription

    BillB Well-Known Member Thread Starter

    Joined:
    2003/03/18
    Messages:
    750
    Likes Received:
    0
    Wow, ok, I'll call them up and see if I can get it back to try the install/uninstall. No wonder so many people were complaining about this in the forums I visited. Thanks for letting me know, I'll post back with the results.
     
    BillB,
    #7
  9. 2008/03/07
    BillB Lifetime Subscription

    BillB Well-Known Member Thread Starter

    Joined:
    2003/03/18
    Messages:
    750
    Likes Received:
    0
    Dave,

    I downloaded the install file and tried to install it, I'm getting this message;
    The system administrator has set policies to prevent this installation. The user account has Admin privileges.
     
    BillB,
    #8
  10. 2008/03/07
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Please post a Deckards log from the machine.
     
    noahdfear,
    #9
  11. 2008/03/08
    BillB Lifetime Subscription

    BillB Well-Known Member Thread Starter

    Joined:
    2003/03/18
    Messages:
    750
    Likes Received:
    0
    Hi Dave,

    Here's the Deckards scan results;

    Deckard's System Scanner v20071014.68
    Run by Owner on 2008-03-08 12:35:14
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    67: 2008-03-08 17:35:30 UTC - RP159 - Deckard's System Scanner Restore Point
    66: 2008-03-07 22:10:47 UTC - RP158 - Software Distribution Service 3.0
    65: 2008-03-04 22:54:12 UTC - RP157 - Installed AVG 7.5
    64: 2008-03-04 17:13:54 UTC - RP156 - Software Distribution Service 3.0
    63: 2008-03-04 02:55:50 UTC - RP155 - Software Distribution Service 3.0


    -- First Restore Point --
    1: 2007-12-08 23:27:27 UTC - RP93 - System Checkpoint


    Backed up registry hives.
    Performed disk cleanup.

    Total Physical Memory: 447 MiB (512 MiB recommended).


    -- HijackThis (run as Owner.exe) -----------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:38:07 PM, on 3/8/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\mqsvc.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\WINDOWS\system32\mqtgsvc.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\Program Files\Entriq\MediaSphere\Bin\EntriqMediaTray.exe
    C:\Program Files\Browser Mouse\2.03\mouse32a.exe
    C:\Program Files\Entriq\MediaSphere\Bin\EntriqMediaServer.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Documents and Settings\Owner.Tammy\Desktop\dss.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\HJT\Owner.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe "
    O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe "
    O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [SMSERIAL] "C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe "
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [NBCUniversal Media Manager Tray] "C:\Program Files\Entriq\MediaSphere\Bin\EntriqMediaTray.exe" /CustomId:NBCUniversal
    O4 - HKLM\..\Run: [MSKDetectorExe] "C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" /uninstall
    O4 - HKLM\..\Run: [FLMMEMOREX203] "C:\Program Files\Browser Mouse\2.03\mouse32a.exe "
    O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [Power2GoExpress] NA
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] G:\tse\COMCAS~1\data\Xtras\mssysmgr.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {2EBE1406-BE0E-44E6-AE10-247A0C5AEDCF} (McAfee Virtual Technician) - https://mvt.mcafee.com/mvt/cab/mvt9x.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
    O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
    O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    O23 - Service: Messenger Sharing Folders USN Journal Reader service (usnjsvc) - Unknown owner - C:\Program Files\Windows Live\Messenger\usnsvc.exe (file missing)
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
    O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 9305 bytes

    -- HijackThis Fixed Entries (C:\HJT\backups\) ----------------------------------

    backup-20080304-191031-154 O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
    backup-20080304-191031-246 O4 - HKLM\..\Run: [PCMM2007RT] "C:\Program Files\PC MightyMax 2007\pcmm2007.exe" /R
    backup-20080304-191031-851 O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    All drivers whitelisted.


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>

    S3 usnjsvc (Messenger Sharing Folders USN Journal Reader service) - "c:\program files\windows live\messenger\usnsvc.exe" (file missing)
    S3 WLSetupSvc (Windows Live Setup Service) - "c:\program files\windows live\installer\wlsetupsvc.exe" (file missing)


    -- Device Manager: Disabled ----------------------------------------------------

    No disabled devices found.


    -- Scheduled Tasks -------------------------------------------------------------

    2008-03-08 12:35:00 452 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D36B24BE-CA11-403C-98E9-0A71E0004306}.job
    2008-03-07 17:49:01 284 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
    2008-01-05 17:47:13 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    2007-12-21 15:00:00 438 --a------ C:\WINDOWS\Tasks\Norton Security Scan.job
    2006-10-16 13:02:04 106 --a------ C:\WINDOWS\Tasks\Low Battery Alarm Program.job


    -- Files created between 2008-02-08 and 2008-03-08 -----------------------------

    2008-03-07 11:10:32 0 d------c- C:\WINDOWS\_isA
    2008-03-07 11:06:52 0 d------c- C:\tmp
    2008-03-04 19:13:42 0 d-------- C:\Documents and Settings\NetworkService\Application Data\AVG7
    2008-03-04 17:54:55 0 d-------- C:\Documents and Settings\Owner.Tammy\Application Data\AVG7
    2008-03-04 17:54:45 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
    2008-03-04 17:54:13 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
    2008-03-04 17:51:52 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-03-04 17:51:49 0 d------c- C:\Program Files\SpywareBlaster
    2008-03-04 12:16:18 0 d------c- C:\Program Files\Windows Live
    2008-03-03 22:49:41 691545 --a----c- C:\WINDOWS\unins000.exe
    2008-03-03 22:49:41 2540 --a----c- C:\WINDOWS\unins000.dat


    -- Find3M Report ---------------------------------------------------------------

    2008-03-04 19:18:50 0 d--h----- C:\Program Files\PC MightyMax 2007
    2008-03-03 23:17:20 0 d-------- C:\Documents and Settings\Owner.Tammy\Application Data\Starware316
    2008-02-01 11:11:10 586240 --a----c- C:\WINDOWS\WLXPGSS.SCR <Not Verified; Microsoft Corporation; Windows Live Photo Gallery>
    2007-12-16 14:57:34 117092 --a------ C:\WINDOWS\hpoins11.dat
    2007-12-10 11:14:29 174578 --a------ C:\WINDOWS\system32\tammy


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
    12/13/2007 03:18 PM 66912 --a------ C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
    12/13/2007 03:18 PM 267592 --a------ C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray "= "C:\WINDOWS\ehome\ehtray.exe" [08/05/2005 10:56 PM]
    "SynTPLpr "= "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [11/05/2004 09:47 AM]
    "SynTPEnh "= "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [11/05/2004 09:47 AM]
    "Recguard "= "%WINDIR%\SMINST\RECGUARD.EXE" []
    "SMSERIAL "= "C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [05/23/2006 09:22 PM]
    "Broadcom Wireless Manager UI "= "C:\WINDOWS\system32\WLTRAY.exe" [11/11/2005 11:40 PM]
    "NBCUniversal Media Manager Tray "= "C:\Program Files\Entriq\MediaSphere\Bin\EntriqMediaTray.exe" [09/06/2006 03:35 PM]
    "MSKDetectorExe "= "C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [11/07/2006 02:49 PM]
    "FLMMEMOREX203 "= "C:\Program Files\Browser Mouse\2.03\mouse32a.exe" [06/12/2007 08:19 AM]
    "MsmqIntCert "= "regsvr32 /s mqrt.dll" []
    "QuickTime Task "= "C:\Program Files\QuickTime\QTTask.exe" [12/11/2007 10:56 AM]
    "!AVG Anti-Spyware "= "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 04:25 AM]
    "AVG7_CC "= "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [03/04/2008 05:55 PM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Power2GoExpress "= "NA" []
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 02:00 PM]
    "swg "= "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [09/18/2007 02:06 PM]
    "PhotoShow Deluxe Media Manager "= "G:\tse\COMCAS~1\data\Xtras\mssysmgr.exe" []
    "msnmsgr "= "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" []

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle "=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme "=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools "=0 (0x0)

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Authentication Packages "= msv1_0 nwprovau


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b749fdb6-9c43-11dc-9fb0-0014a5ca8e08}]
    AutoRun\command- setupSNK.exe




    -- Hosts -----------------------------------------------------------------------

    127.0.0.1 007guard.com
    127.0.0.1 www.007guard.com
    127.0.0.1 008i.com
    127.0.0.1 008k.com
    127.0.0.1 www.008k.com
    127.0.0.1 00hq.com
    127.0.0.1 www.00hq.com
    127.0.0.1 010402.com
    127.0.0.1 032439.com
    127.0.0.1 www.032439.com

    7996 more entries in hosts file.


    -- End of Deckard's System Scanner: finished at 2008-03-08 12:38:38 ------------
     
    BillB,
    #10
  12. 2008/03/10
    BillB Lifetime Subscription

    BillB Well-Known Member Thread Starter

    Joined:
    2003/03/18
    Messages:
    750
    Likes Received:
    0
    Hi Dave,

    Were you able to see anything with the scan?
     
    BillB,
    #11
  13. 2008/03/10
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi Bill,

    Sorry for the delay :eek:

    I do not see what I was hoping to, though I am curious as to what's in the following folder.

    C:\WINDOWS\_isA


    Any chance the PC Mightymax files you deleted are still in the recycle bin?
     
    noahdfear,
    #12
  14. 2008/03/10
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hey Bill, paste the following command into the Start>Run dialog and see if it starts the uninstallation process.

    C:\WINDOWS\system32\msiexec.exe /I {94D5AF0F-E6EE-4A75-BE31-9C9C9A87AD45}
     
    noahdfear,
    #13
  15. 2008/03/11
    BillB Lifetime Subscription

    BillB Well-Known Member Thread Starter

    Joined:
    2003/03/18
    Messages:
    750
    Likes Received:
    0
    Hi Dave,

    Nope, the mighty max files have been deleted from recycle. Here are the files that are in that folder;
    _ISMSIDEL.INI
    0x0409.ini
    setup.INI

    Running the command you gave gives this error;
    This action is only valid for products that are currently installed.
     
    BillB,
    #14
  16. 2008/03/11
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Have a look under the following registry key.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

    You should find the PC Mightymax key under it whose main key is a clsid. When you find it, export it and post it here.
     
    noahdfear,
    #15
  17. 2008/03/11
    BillB Lifetime Subscription

    BillB Well-Known Member Thread Starter

    Joined:
    2003/03/18
    Messages:
    750
    Likes Received:
    0
    Dave,

    I didn't find the key under the path you suggested, there was however a key under HKEY_LOCAL_MACHINE\SOFTWARE\ called PCMightyMax. I'm attaching an export of that as a text file, hopefully that will help.
     

    Attached Files:

    BillB,
    #16
  18. 2008/03/11
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    No help there. Check the C:\WINDOWS\Downloaded Installations folder for a folder with a CLSID name. Might be an msi installer still present for it.
     
    noahdfear,
    #17
  19. 2008/03/14
    BillB Lifetime Subscription

    BillB Well-Known Member Thread Starter

    Joined:
    2003/03/18
    Messages:
    750
    Likes Received:
    0
    Hi Dave,

    Sorry to be so long posting back, just got back to this today. There was a MSI file in that folder for it, but it produced the same error mentioned before so no luck.
     
    BillB,
    #18
  20. 2008/03/15
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hey Bill,

    I just began to wonder if that msi installer came from the setup file you downloaded, rather than from the original installation. If it's name is PC MightyMax v9.msi chances are it's the new setup file, and this may not work as hoped. Do a search for all msi files and see if you can locate another (if it is indeed the v9). Either way, give this a shot.

    Open a command window and execute the following command, substituting the proper path/filename for the installer on that machine. Be sure to include the quotes.

    MSIEXEC /a "C:\Windows\Downloaded Installations\path_to_installer\installer.msi "
     
    noahdfear,
    #19
  21. 2008/03/17
    BillB Lifetime Subscription

    BillB Well-Known Member Thread Starter

    Joined:
    2003/03/18
    Messages:
    750
    Likes Received:
    0
    Hi Dave,

    The only install file I could find was the one I downloaded. I ran the command you provided and it successfully installed it again. When I try to uninstall it via add/remove pgms, it is displaying the message 'this action is on valid on currently installed programs' and the uninstall entry on the programs list points to a file that isn't there.

    How do I get rid of this thing completely?
     
    BillB,
    #20
Page 1 of 3

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...